Treliant’s Post

Happy to see the priorities of the Supervisor for Banks redefined for 2023-2025: - Strengthen resilience to the immediate consequences of macro-financial and geopolitical shock  - Address digitalisation challenges and cyber risks more strategically - Strengthen management bodies’ steering capabilities - Step up efforts in addressing climate change by incorporating the significant physical and transactional risks into their strategies. There is hope. #responsiblebanking #supervisor #expectations #riskmanagement

Geopolitical Risk is becoming a critical risk category, and financial institutions are expected to identify, assess, and control for those risks in their Enterprise Risk Management Framework. The OCC, FRB, and the FDIC have called for banks to manage these risks better. "In 2022, geopolitical events continued to increase the likelihood of cyber attacks on banks. The Microsoft Digital Defense Report, published in November 2022, stated that cyber attacks targeting critical infrastructure for many firms around the world jumped from 20 percent of all nation-state attacks to 40 percent. This large increase in malicious activity was attributed to Russia’s attempts to damage Ukrainian infrastructure, along with aggressive espionage targeting of Ukraine’s allies, including the United States." https://lnkd.in/eTNmWrUR

https://lnkd.in/ddYY-hHH Speech by Mr Neil Esho, Secretary General of the Basel Committee on Banking Supervision, at the Eurofi Financial Forum 2023, Santiago de Compostela, 13 September 2023. Gist: Core principles for effective banking supervision, better known as the "Basel Core Principles" The Core Principles provide a framework for strengthening prudential supervision in all countries In total, there are 29 core principles, which are broadly grouped according to the expectations of supervisory authorities (CPs 1–13) and those of banks (CPs 14–29). The Committee issued a consultative document proposing revisions to the Core Principles in July this year. BIS has proposed revisions in said core principles aim to incorporate elements from the Committee's Principles for operational resilience and revised Principles for the sound management of operational risk. This includes enhancements to governance, business continuity planning and testing, third-party dependency management and resilient cyber security. BIS encourage public to take advantage of the opportunity to provide feedback to the Committee on the same.

Recently the EBA set out the new policy for board expertise on ICT and security risks in banks. These are the SSM supervisory priorities for 2024-2026, that are based on 3 key principles. 1. The expectations will not affect DORA obligations 2. The principle of proportionality applies in terms of bank size, exposure risk etc and 3. This is a case-by-case determination, based on supervisory judgement. There is more information in the Guidance, but suffice to say, there is no easing up on the expectation that bank boards must become au fait and competent in managing ICT and security risks in their organisations.

OCC considering stronger requirements for operational resilience, including #cybersecurity , third-party/vendor risk, and business continuity. Will be interesting if they can overcome pushback on regulators and challenges to agency deference, and if OCC is envisioning some sort of stress testing. "This is not a problem that capital or liquidity can solve. Ensuring that critical operations and #banking services can withstand or recover from disruptive events requires good planning, prudent investment, well-designed systems and regular testing.” https://lnkd.in/gvpDBet2 #businesscontinuity #thirdpartyriskmanagement

OCC Report on Key Risks Operational Risk remains a theme due to the #cybersecurity #threatlandscape. Credit risk is rising in conjunction with #interestrates. Adoption and pace of change are increasing due to #humanerror. Recognition of #artificialintelligence, #aiadoption and #aiadvancements as an emerging risk trend. #riskmanagement #riskintelligence

Join our Frankfurt Financial Institutions Briefing in person on Tuesday 17 October and explore key issues shaping risks and opportunities for banking, insurance, and the finance sector. Hear Moody’s experts on inflation, interest rates, commercial real estate, cybersecurity, regulations and more. 👉 See the agenda and register here: https://lnkd.in/gwPDhpvG #Banking #cybersecurity

A good way to put DORA preparation to the test!! The exercise will assess how banks respond to and recover from a cyberattack, rather than their ability to prevent it, aligning perfectly with the ambitious goals of the DORA. Key challenges: 1. Cooperation and contribution from across the organisation to manage the test scenario. Those involved will range from management board to technical specialists, covering all three lines of defense and functions like IT, Risk, Finance and Compliance. External service providers may also play a role in case of ICT outsourcing. 2. Quantifying the impact of technology failures - immediate operational losses, and indirect costs arising from the loss of customers, new business and reputation. 3. Extensive evidence to support answers to the questionnaire, including policies, procedures, continuity and recovery plans, test results and communication strategies. 4. Fulfill the requirement for reporting major cyber incidents where the first notification to the supervisor is made within two hours of detection. 5. A sample of 28 banks will have to conduct an ICT recovery test, report their results in detail, and provide supervisors with an on-site validation of evidence.

2024 Top Risks in the Financial Services Industry - The Economy, Cyber and Third Parties Among Issues Portending Riskier Times in Financial Services #risk #economy #cybersecurity #thirdpartyriskmanagement #banking #capitalmarkets #payments #fintech Protiviti https://lnkd.in/eWriX6kt

Interesting interview with Claudia Buch 🌍🌐Banks should take into account climate and cyber risks. And regulator will pay more and more attention to these topics. 📉Asset quality is starting to deteriorate, however reported cost of risk remains relatively low and stable. Perhaps, current negative tendencies are not included in the risk assessment. 🏦Higher profits could be used for future shocks buffer. 💰Share of financial assets outside banks has increased. Non-banks should be also regulated properly.